DETAILED ACTION

Claims 1-28 are pending. 

Response to Amendments and Arguments 

Applicant's amendments were fully considered. Any new objections or rejections made below 
are in response to applicant's amendments. Applicant's arguments were also fully considered, 
however, were not persuasive. 

Applicant's remarks state that the claim language (as amended last time) was inherent in the
claims as originally filed since the claims must be read in light of the specification. The examiner 
respectfully disagrees that the language was inherent — though claims are read in light of the 
specification, limitations from the specification are not read into the claims. Because limitations from 
the specification are not read into the claims, the language amended onto the claims last time was 
not inherent to the claims. 

Applicant argues that Perlman disavows the embodiment wherein the group server and DLE 
are implemented as one unit by stating that such an implementation can greatly compromise system 
security if the DLE cannot be complemented trusted. The examiner respectfully submits that the 
teachings of the reference as a whole must be considered. It is true that Perlman recognizes that jf 
the DLE cannot be completely trusted, it could compromise system security. However, he also states 
it is possible for DLE 110 to handle both the forwarding of message 105 and the decrvptinq of 
encrvpted message key 210 (col 6, lines 1-7). In other words, it is possible in his invention that the 
functionalities of the group server and the DLE is combined into one unit, i.e. as long as the DLE is 
completely trusted. Perlman recognizing the dangers of a particular implementation of his invention 
does not mean that he teaches away from that particular implementation nor does it mean that he did 
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not invent tliat particular implementation. One skilled in the art reading the cited portion of Perlman 
would understand that as long as the DLE can be completely trusted, one can implement Perlman's 
invention wherein the group server and DLE are one unit without compromising security. 

Applicant argues Perlman only describes employing group public keys and group private keys 
in the group server and in the DLE, but does not teach the amended limitation wherein the public key 
is a non-group public key. The examiner respectfully disagrees. First, applicant's disclosure as 
originally filed does not define what is a non-group public key, thus one skilled in the art after reading 
applicant's disclosure as originally filed cannot determine what is meant by a non-group public key.
One skilled in the art should appreciate that in public/private key cryptography, the key pair is typically 
owned by a single entity, thus in that manner can be considered "non-group" since the key pair is not 
owned by a group. Public key 107 disclosed by Perlman is called a "group public key" because it is 
owned by group server 114, but there is no disclosure in Perlman that any entity other than group 
server 114 owns the public/private key pair formed by public key 107 and private key 302. As such, 
public key 107 can be considered a "non-group public key" since it is of a key pair owned only by
group server 114 (or the entity made up of the combination of group server 114 and DLE 110 in an
embodiment of Perlman's invention discussed in col 6, lines 1-7). 

Applicant argues that with regards to claim 4 and other claims, the examiner's construction 
does not make sense since in Perlman, the DLE does not send information to itself. Applicant states 
that for example claim 4 requires among other things that the secret key is encrypted with the
non-group public key of the secure distribution server to produce the encrypted secret key and then
sending the encrypted information and encrypted secret key "to the secure distribution server". The 
examiner respectfully submits that there appears to be a discrepancy in what the invention is as 
understood by the examiner and applicant's representative. As far as the examiner knows there is no
requirement that the distribution server be able to send information to itself, thus it does not matter
that the construction used by the examiner does not have the DLE sending information to itself. The
invention of the present application as described in the specification and claims as understood by the
examiner has a sender encrypting information and a message key for sending to a distribution server, 
wherein the message key is encrypted using the public key of the distribution server. The distribution 
server then decrypts the encrypted message key using its private key, re-encrypts the message key 
with a recipient's public key and sends the encrypted information and re-encrypted message key to a 
recipient. Likewise, Perlman discloses of a sender 104 which encrypts a message 105 with a 
message key 204, encrypts the message key with a public key 107, and sends the encrypted 
message and encrypted message key to a group server/DLE, who then decrypts the message key 
204 using a private key 302, re-encrypts the message key with a recipient's public key 312 and 
forwards the encrypted message and re-encrypted message key to the recipient (col 5, line 10-col 6, 
line 7). The sender 104 encrypting the message key with public key 104 meets the requirement in 
claim 4 of the secret key is encrypted with the non-group public key of the secure distribution server 
to produce the encrypted secret key. The sender 104 sending the encrypted message 105 and 
encrypted message key 204 to the group server/DLE combination unit meets the requirement of claim 
4 of then sending the encrypted information and encrypted secret key "to the secure distribution
server". The sending referred to in claim 4 does not mean the server sending to itself, but rather to a
sender sending to the server. This interpretation is supported by what is disclosed in the specification 
as far as the examiner knows. 
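
The exchange described above (sender, secure distribution server, recipients), as an added example that is not taken from the application or from Perlman. It uses Node.js's built-in crypto module; the choice of RSA-OAEP and AES-256-GCM, the party names and the sample message are assumptions made for illustration. It also shows the trust point argued earlier: the server holds the secret key in the clear while re-encrypting it, while a forwarding node without the server's private key cannot decrypt it.

```javascript
const crypto = require("node:crypto");

// Assumed algorithms: RSA-OAEP wraps the secret key, AES-256-GCM protects the information.
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// One key pair per entity; the private key never leaves that entity.
function newKeyPair() {
  return crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

function wrapKey(publicKey, secretKey) {
  return crypto.publicEncrypt({ key: publicKey, ...OAEP }, secretKey);
}

function unwrapKey(privateKey, wrapped) {
  return crypto.privateDecrypt({ key: privateKey, ...OAEP }, wrapped);
}

// True only if this private key can recover the wrapped secret key.
function canUnwrap(privateKey, wrapped) {
  try {
    unwrapKey(privateKey, wrapped);
    return true;
  } catch (err) {
    return false;
  }
}

// Sender: encrypt the information with a fresh secret key, then encrypt
// that secret key with the distribution server's public key.
function senderSeal(plaintext, serverPublicKey) {
  const secretKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", secretKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return {
    encryptedInfo: { iv, ciphertext, tag: cipher.getAuthTag() },
    encryptedSecretKey: wrapKey(serverPublicKey, secretKey),
  };
}

// Distribution server: decrypt the secret key with its private key, re-encrypt a
// copy for each recipient's public key, and forward the encrypted information unchanged.
function serverRedistribute(bundle, serverPrivateKey, recipientPublicKeys) {
  const secretKey = unwrapKey(serverPrivateKey, bundle.encryptedSecretKey);
  // The secret key is in the clear here: this is why the server must be trusted.
  const deliveries = {};
  for (const [name, publicKey] of Object.entries(recipientPublicKeys)) {
    deliveries[name] = {
      encryptedInfo: bundle.encryptedInfo,
      recipientSecretKey: wrapKey(publicKey, secretKey),
    };
  }
  secretKey.fill(0); // do not keep the plaintext key longer than needed
  return deliveries;
}

function openInfo(encryptedInfo, secretKey) {
  const decipher = crypto.createDecipheriv("aes-256-gcm", secretKey, encryptedInfo.iv);
  decipher.setAuthTag(encryptedInfo.tag);
  return Buffer.concat([decipher.update(encryptedInfo.ciphertext), decipher.final()]).toString("utf8");
}

// Recipient: recover the secret key with its own private key, then the information.
function recipientOpen(delivery, recipientPrivateKey) {
  return openInfo(delivery.encryptedInfo, unwrapKey(recipientPrivateKey, delivery.recipientSecretKey));
}

function runDemo() {
  // Constructed parties and message, for illustration only.
  const server = newKeyPair();
  const alice = newKeyPair();
  const bob = newKeyPair();
  const relay = newKeyPair(); // a forwarding node that only passes the bundle along
  const message = "constructed sample message";

  const bundle = senderSeal(message, server.publicKey);
  const deliveries = serverRedistribute(bundle, server.privateKey, {
    alice: alice.publicKey,
    bob: bob.publicKey,
  });

  return {
    alice: recipientOpen(deliveries.alice, alice.privateKey),
    bob: recipientOpen(deliveries.bob, bob.privateKey),
    relayCanUnwrap: canUnwrap(relay.privateKey, bundle.encryptedSecretKey),
    bobCanUnwrapAlices: canUnwrap(bob.privateKey, deliveries.alice.recipientSecretKey),
    serverCanRead:
      openInfo(bundle.encryptedInfo, unwrapKey(server.privateKey, bundle.encryptedSecretKey)) === message,
  };
}

console.log(runDemo());
```
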
Applicant states that there is no public key corresponding to the DLE being used to encrypt the
secret key in Perlman's invention. The examiner respectfully disagrees. Public key 107 corresponds
to group server 114 and as discussed already, in one embodiment of Perlman's invention, the group
server and DLE are implemented as one unit, thus in this embodiment, public key 107 corresponds to
the group server/DLE unit and is used to encrypt the message/secret key 204 by the sender 104 as 
discussed already. 

With respect to claim 5, applicant states that the office action cites Figure 4a-4c and column 4, 
lines 47-51 as teaching this subject matter, which applicant states does not teach the subject matter 
recited in claim 5. The examiner respectfully submits that the examiner did not cite these sections 
that applicant has pointed to as meeting the limitation claimed in claim 5. It is assumed that applicant 
was looking at a different section of the office action than the rejection of claim 5; see below where
the text of the rejection of claim 5 has been reproduced for record. 

With respect to claim 9, applicant argues that the mere forwarding and routing of packets by 
nodes in the network is not equivalent to what is being claimed. Applicant states that claim 9 requires 
that not only is encrypted information received from a sender, the encrypted key using a public key of 
the secure distribution server is also received. Applicant also states that the claim also includes 
receiving the encrypted information and the encrypted secret key and forwarding the same to the 
secure distribution server without decrypting the encrypted secret key. The examiner respectfully
submits that the examiner did not state that the mere forwarding of packets by nodes in a network as 
meeting the limitations claimed. Instead, the forwarding of the packets disclosed by Perlman meets 
the limitation claimed. The packets disclosed by Perlman are formed from bundle 212, which 
includes the encrypted message and encrypted message key (col 5, lines 23-37), thus forwarding 
them to the group server/DLE combination unit without decrypting them as done by intermediary
nodes known in the art meets the limitation claimed. Bundle 212 as discussed in the cited section is 
created by sender 104. 

Applicant states that the teaching of Perlman would not allow the forwarding and routing of 
packets in the nodes in a network to take effect as alleged since Perlman teaches not to send the 
encrypted message to the group server. The examiner respectfully disagrees. As discussed already, 
in an embodiment of Perlman's invention the group server and DLE are implemented as a single unit.
Perlman further states that the bundle 212 is sent through the DLE to the recipients (col 5, lines 25- 
37). The bundle cannot be sent through the DLE (i.e. group server/DLE combination unit) if the DLE 
did not get the bundle sent to it. Since the DLE is implemented as a single unit with the group server 
in one embodiment of Perlman's invention, Perlman does in fact teach sending the encrypted 
message to the group server, i.e. the combination group server and DLE discussed in column 6, lines
1-7. 

Applicant argues that blindly forwarding and routing of packets as alleged in the office action to 
that of Perlman would materially change the operation of Perlman which admitted in Perlman "can 
greatly compromise security". Applicant cited column 6, lines 1-8 of Perlman as proof of this, 
however, the examiner respectfully does not see where in this cited section or anywhere else in 
Perlman where he teaches that the forwarding of packets without decrypting them by intermediate 
nodes as known in the art "can greatly compromise security". Perlman states in the cited section that 
the DLE can handle both the forwarding of message and decrypting of the message key (i.e. 
implement the group server and DLE as one unit) and if the DLE was not completely trusted, it could 
compromise security. However, one skilled should appreciate that the implied teaching from this 
section is that if the DLE was completely trusted, then security would not be compromised if the DLE
and group server were implemented as one unit. There is no disclosure explicit or implicit in Perlman
that forwarding of encrypted packets by intermediary nodes in a network without decrypting those 
packets would compromise security in any manner. 

The remaining arguments are traversed because they depend on the above arguments 
already traversed. 



Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject 
matter which the applicant regards as his invention. 

Claims 1-28 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite for failing 
to particularly point out and distinctly claim the subject matter which applicant regards as the
invention.

1. Claims 1, 4, 13, 15, 18, 20, 24, and 27 were amended to refer to an encrypted secret key that
was encrypted using a non-group public key. Applicant's disclosure as originally filed provides
no written support for "a non-group public key", thus it is unclear what sort of public key is 
considered a "non-group public key". As a person of ordinary skill in the art should appreciate, 
in a public/private key system, a public key is made public while the private key is typically only 
known to an individual. The examiner in rejecting the claims will assume that "a non-group 
public key" refers to a public key belonging to a key pair wherein the private key is only known 
to a single individual or entity. 
2. Claims not specifically addressed are rejected due to dependency.



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis 
for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed in the
United States before the invention by the applicant for patent or (2) a patent granted on an application for patent by
another filed in the United States before the invention by the applicant for patent, except that an international application
filed under the treaty defined in section 351(a) shall have the effects for purposes of this subsection of an application
filed in the United States only if the international application designated the United States and was published under
Article 21(2) of such treaty in the English language.

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 
102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the 
subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary skill 
in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

Claims 1-4, 6-7, 10, 12, 15-24, 26, and 28 are rejected under 35 U.S.C. 102(e) as anticipated 
by Perlman et al (US 6,912,656) as evidenced by Graunke et al (US 5,991,399) or, in the alternative, 
under 35 U.S.C. 103(a) as obvious over Perlman et al (US 6,912,656) in view of Graunke et al (US
5,991,399).

Claims 1, 15, 18, and 20: 

As per claim 1, Perlman discloses: 
1. Receiving encrypted information (i.e. encrypted message 210) from a sender for transmission
to at least one intended recipient (col 5, lines 10-12 and 25-37) and receiving an encrypted
secret key (i.e. encrypted message key 210) encrypted using a public key (i.e. public key 107)
corresponding to a secure distribution server (col 5, lines 28-30 and 52-55). Note that
encrypted message key 210 was encrypted using public key 107. The group server 114
decrypts encrypted message key 210 using private key 302 (col 5, lines 32-34 and 53-55).
This means that public key 107 and private key 302 are a public/private key pair. Since private
key 302 corresponds to group server 114 (col 5, lines 5-10), public key 107 also corresponds
to group server 114. The examiner considers the combination of the DLE and the group
server as the claimed secure distribution server. Note that Perlman discloses that the DLE
forwards messages (col 5, lines 34-37) while the group server decrypts the encrypted
message key (col 5, lines 48-55). Perlman discloses that rather than use a separate group 
server, the functionalities of the DLE and group server could be incorporated into the DLE (col 
6, lines 1-5). 

2. Decrypting the encrypted secret key to produce a decrypted secret key (col 5, lines 52-54). 

3. Obtaining a corresponding public key of at least one intended recipient (Fig 3 and col 5, lines 
55-60). 

4. Encrypting the decrypted secret key for the at least one intended recipient using a 
corresponding public key specific to the at least one intended recipient to produce at least one
recipient specific secure secret key (Fig 3; col 2, lines 60-65; and col 5, lines 55-60 and 65-67). 
Note that after the group server decrypts encrypted message key 210, it re-encrypts the 
message key for transmission to at least one recipient. In column 5, lines 55-60, Perlman 
discloses that in his invention a variety of key types could be utilized to encrypt the decrypted 
secret message key. One of these key types is a public key 312 belonging/specific to at least 
one recipient. Encrypted message key 308 is formed from the encryption of the message key
using public key 312 of the recipient.

5. Forwarding the encrypted information sent by the sender and at least one recipient specific
secure secret key for the at least one intended recipient (col 5, lines 14-15, 34-37, and 65-66).

As per the limitation that the secret key was encrypted using a non-group public key 
corresponding to a secure distribution server, the examiner first notes that applicant's specification 
fails to define what is a "non-group public key". However, as evidenced by Graunke, in public key 
cryptography systems two keys are used for cryptographic operations, where the public key is public 
and the corresponding private key is known only to the particular user (col 1, lines 50-56). Note that
public key 107 and private key 302 disclosed by Perlman form a key pair where the public key 107 is
used by sender 104 to encrypt message key 204 while private key 302 is used by the group server 
114 to decrypt the received encrypted message key (col 5, lines 23-55). While the public/private key 
disclosed by Perlman is associated with a group of valid recipients, there is no disclosure that any 
entity other than the group server 114 knows the value of the private key 302. As such, public key 
107 and private key 302 can be considered as belonging only to group server 114, thus the public key 
107 disclosed by Perlman can be considered a "non-group public key" because as evidenced by 
Graunke's teachings, in public/private key cryptography, the key pair is owned only by a particular 
user (col 1, lines 50-56). 

Alternatively, even if in Perlman's both public key 107 and private key 302 could conceivably be
known by/owned by some other entity other than group server 107, it would have been obvious to
one skilled in the art to modify Perlman's invention such that public key 107 and private key 302 were
only owned by group server 107 by making group server 107 the only entity to know the value of
private key 302 as per Graunke's teachings, thus making public key 107 a "non-group public key".
One skilled would have been motivated to do so because Graunke teaches that in public key
cryptography, the second key is only known to a particular user (col 1, lines 50-56). Further, one
skilled in the art should appreciate that decreasing the number of entities that know the value of the
private key would increase security since there are fewer chances of the key value being discovered.

Claim 15 recites a method similar to claim 1 and is rejected for substantially similar reasons. 
The difference is that claim 15 recites that each of the steps of the method recited in claim 1 is done 
by a secure distribution server. As explained above, the examiner considers the combination of the 
DLE and group server disclosed by Perlman as the claimed secure distribution server. Because each 
of the above steps discussed above as anticipated by Perlman are performed by the DLE and/or 
group server of Perlman, Perlman also anticipates the method of claim 15. 

Claim 18 is directed to a network element comprising one or more processing devices 
operative to perform the method of claim 1. Claim 18 is rejected for much the same reasons as claim
1. The DLE/group server of Perlman is considered the one or more processing devices referred to in
claim 18. 

Claim 20 is directed towards a computer storage medium comprising memory containing 
executable instructions that when read by one or more processing devices causes the one or more 
processing devices to perform the method of claim 1. Claim 20 is rejected for much the same
reasons as claim 1. Note that Perlman's invention is implemented using a network of computer
systems (Fig 1), thus a computer storage medium comprising memory containing executable
instructions is inherent to his invention.

Claim 24:

Perlman discloses: 

1. At least one sender (i.e. Fig 1, sender 104) that encrypts information (i.e. message 105) with a
secret key (i.e. message key 204) to produce encrypted information (i.e. encrypted message
206), encrypts the secret key with a public key (i.e. public key 107) associated with a network
element (i.e. the combination of DLE 110 and group server 114) to produce an encrypted secret
key (i.e. encrypted message key 210), and during an online session, sends the encrypted 
information and the encrypted secret key to the network element (col 5, lines 10-37 and 48- 
55). Public key 107 and private key 302 form a public/private key pair (col 5, lines 32-34). 
Since private key 302 corresponds to group server 114, public key 107 also corresponds to the 
DLE/group server the examiner is considering the recited network element. 

2. At least one intended recipient (Fig 1, recipients 106 and 108). 

3. At least one network element (i.e. the combination of DLE 110 and group server 114), 
operatively coupled to the sender at least one intended recipient (Fig 1 and col 6, lines 1-5), 
including one or more processing devices operative to: 

a. Decrypt the encrypted secret key to produce a decrypted secret key (col 5, lines 52-54). 

b. Obtaining a corresponding public key of at least one intended recipient (Fig 3 and col 5, 
lines 55-60). 

c. Encrypt the decrypted secret key for the at least one intended recipient using a 
corresponding public key specific to the at least one intended recipient to produce at
least one recipient specific secure secret key (Fig 3; col 2, lines 60-65; and col 5, lines 
55-60 and 65-67). Note that after the group server decrypts encrypted message key 
210, it re-encrypts the message key for transmission to at least one recipient. In column
5, lines 55-60, Perlman discloses that in his invention a variety of key types could be
utilized to encrypt the decrypted secret message key. One of these key types is a
public key 312 belonging/specific to at least one recipient. Encrypted message key 308
is formed from the encryption of the message key using public key 312 of the recipient.

d. Forward the encrypted information sent by the sender and at least one recipient specific
secure secret key for the at least one intended recipient (col 5, lines 14-15, 34-37, and 
65-66). 



As per the limitation that the secret key was encrypted using a non-group public key
associated with a networking element, the examiner first notes that applicant's specification fails to
define what is a "non-group public key". However, as evidenced by Graunke, in public key
cryptography systems two keys are used for cryptographic operations, where the public key is public
and the corresponding private key is known only to the particular user (col 1, lines 50-56). Note that
public key 107 and private key 302 disclosed by Perlman form a key pair where the public key 107 is
used by sender 104 to encrypt message key 204 while private key 302 is used by the group server
114 to decrypt the received encrypted message key (col 5, lines 23-55). While the public/private key
disclosed by Perlman is associated with a group of valid recipients, there is no disclosure that any 
entity other than the group server 114 knows the value of the private key 302. As such, public key 
107 and private key 302 can be considered as belonging only to group server 114, thus the public key 
107 disclosed by Perlman can be considered a "non-group public key" because as evidenced by 
Graunke's teachings, in public/private key cryptography, the key pair is owned only by a particular
user (col 1, lines 50-56). 

Alternatively, even if in Perlman's both public key 107 and private key 302 could conceivably be
known by/owned by some other entity other than group server 107, it would have been obvious to
one skilled in the art to modify Perlman's invention such that public key 107 and private key 302 were
only known by/owned by group server 107 by making group server 107 the only entity to know the
value of private key 302 as per Graunke's teachings, thus making public key 107 a "non-group public
key". One skilled would have been motivated to do so because Graunke teaches that in public key
cryptography, the second key is only known to a particular user (col 1, lines 50-56). Further, one
skilled in the art should appreciate that decreasing the number of entities that know the value of the
private key would increase security since there are fewer chances of the key value being discovered.

Claims 2, 16, and 21:

Perlman further discloses determining a plurality of intended recipients and retrieving 
corresponding public keys of the plurality of intended recipients for encrypting the decrypted secret 
key (col 5, lines 10-18 and 53-60). 

Perlman discloses a plurality of intended recipients, i.e. recipient 106 and 108. Note that
in a public/private key system, the private key is kept secret by the owner of the public/private key
pair. This implies that each recipient has its own corresponding public/private key pair. When the
DLE/group server re-encrypts the message key for each recipient using each recipient's 
corresponding public key to form encrypted message key 308, the corresponding public key of the 
plurality of intended recipients has to be retrieved by the DLE/group server for encrypting the 
decrypted secret/message key.

Claims 3, 17, and 22:

Perlman further discloses the step of encrypting the decrypted secret key with a corresponding 
public key of the at least one intended recipient includes encrypting a copy of the decrypted secret 
key for each intended recipient with a corresponding recipient public key (col 5, lines 16-18 and 53- 
60). 

Claim 4: 

Perlman further discloses encrypting information with the secret key to produce the encrypted 
information (col 5, lines 25-26), encrypting the secret key with the public key of the secure distribution 
server to produce the encrypted secret key (col 5, lines 28-32 and 53-60), and sending the encrypted 
information and the encrypted secret key to the secure distribution server (col 5, lines 34-37). The 
public key disclosed by Perlman used to encrypt the secret key being the "non-group public key" is 
evidenced by/made obvious by Graunke's teachings as discussed above.

Claim 6:

The limitation of storing the encrypted information locally on a device that performed the step 
of encrypting information with the secret key is inherent to Perlman's invention. To be able to encrypt 
and then forward the encrypted information/message to the secure distribution server (i.e. the 
DLE/group server), the device which performed the encryption process must store the encrypted 
information locally in memory before being able to send the encrypted information.

Claim 7:

Perlman further discloses encrypting the secret key, by a sending device, with a public key 
associated with at least one of a user of the sending device and the sending device (col 5, lines 28-30 
and Fig 2).

Claims 10 and 23:

As per claim 10, Perlman further discloses of determining by the secure distribution server, if 
the encrypted information needs to be sent to other entities, if so, encrypting the decrypted secret key 
using a public key associated with each of the additional entities (col 3, lines 45-48; col 5, lines 12-15, 
48-48-60; and col 6, lines 1-5). 

Note that the message could be intended for multiple recipients, thus the public key of each of 
the recipients would have to be utilized to encrypt the secret/message key so that the encrypted 
message key could be sent to each of the recipients. 

Claim 23 recites limitations substantially similar to what is recited in claim 10 and is rejected for
similar reasons.

Claims 12, 19, and 26:

As per claim 12, Perlman further discloses wherein retrieving the corresponding public keys of 
the plurality of intended recipients for encrypting the decrypted secret key includes obtaining the 
corresponding public keys from at least one of: a certificate retrieval and validation service, an LDAP 
lookup and a certificate directory lookup (col 5, lines 52-58 and 61-65 and col 7, lines 13-28). 

Claim 19 is directed to the one or more processing devices performing the method of claim 12, 
thus is rejected for similar reasons as claim 12. 

Claim 26 is directed to the network element performing the method of claim 12, thus is rejected 
for similar reasons as claim 12.

Claim 28:

Perlman further discloses the network element of comprising at least one processing device 
that include the means for decrypting (Fig 3, item 304), means for obtaining a corresponding public 
key (Fig 3, item 312 and col 5, lines 50-60) and the means for encrypting the secret key (Fig 3, item
306). 

Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman et al (US
6,912,656) as evidenced by/in view of Graunke et al (US 5,991,399) in further view of Leigh (US
7,284,067).

Claim 5:

Perlman discloses encrypting the secret key using a public key for a secure distribution server 
to produce a secure distribution server specific encrypted secret key (col 5, lines 28-32 and 52-55). 
Perlman does not explicitly disclose the encrypting is done using a public key for each of a plurality of 
secure distribution servers which produces a plurality of secure distribution server specific encrypted 
secret keys. 

However, Leigh discloses that at the time applicant's invention was made, it was known in the 
art that it was desirable to connect multiple servers to a network for purposes of load balancing (col 1,
lines 22-24). 

At the time applicant's invention was made, it would have been obvious to one skilled in the art 
to modify Perlman's invention such that rather than have one secure distribution server (i.e. 
DLE/group server), there were a plurality of secure distribution servers (as per Leigh's teachings). 
One skilled would recognize that because there are multiple secure distribution servers in the 
combination invention of Perlman and Leigh, the sender would then need to encrypt the secret key 
using the public key for each of the plurality of secure distribution servers to produce a plurality of 
secure distribution server specific encrypted secret keys. One skilled would have been motivated to
modify Perlman's teachings in the manner discussed because it would prevent overburdening of 
Perlman's DLE/group server and because it would provide for network redundancy, which would 
allow messages to be sent even if some of the distribution servers went offline for whatever reason. 

Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman et al (US 
6,912,656) as evidenced by/in view of Graunke et al (US 5,991,399) in further view of Ofir (US
2003/0007645).

Claim 8:

Perlman does not explicitly disclose digitally signing the information using a private signing key 
associated with at least one of a user of a sending device and the sending device. However, Ofir 
discloses a message being signed with a sender's private key (paragraph 38). At the time applicant's 
invention was made, it would have been obvious to one skilled in the art in light of Ofir's teachings to 
modify Perlman's invention such that the information sent from the sender to the DLE/group server 
was digitally signed using a private signing key associated with at least one of a user of a sending 
device and the sending device. One skilled would have been motivated to do so because it would 
enable the recipient to authenticate the message as being sent by the sender (Ofir: paragraph 38). 
Being able to authenticate the identity of the sender of a message was a well known goal in the field
of network communication.

Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman et al (US
6,912,656) as evidenced by/in view of Graunke et al (US 5,991,399) in further view of Gehring (US
2002/0116606).
Claim 9: 

Perlman discloses the encrypted information and the encrypted secret key being sent by the 
sender (col 5, lines 34-37). Perlman does not explicitly disclose receiving the encrypted information 
and the encrypted secret key and forwarding the encrypted information and the encrypted secret key 
to the secure distribution server without decrypting the encrypted secret key. 

However, note that Perlman's invention is practiced in a network environment (Fig 1). Gehring 
discloses in paragraph 5 that in networks consisting of multiple interconnected nodes (i.e. such as the 
one disclosed by Perlman in Figure 1), some nodes cannot communicate directly with each other. In 
these cases, it was known in the art that some nodes acted as relays that forwarded messages 
between nodes that cannot communicate directly with each other. In these known prior art networks, 
Gehring discloses that the forwarding nodes receive an encrypted message and forward the
encrypted message to its destination without decrypting the encrypted message (paragraph 6). 
Recall that in Perlman's invention, the message sent from the sender to the receiver is a bundle 212 
consisting of the encrypted message/information and the encrypted secret/message key (col 5, lines 
34-37). 

At the time applicant's invention was made, it would have been obvious to one skilled in the art 
to modify Perlman's invention such that it contained one or more forwarding nodes which Gehring 
disclosed was well known in the prior art such that the forwarding nodes received the encrypted
information and the encrypted secret key and forwarded the encrypted information and the encrypted
secret key to the secure distribution server without decrypting the encrypted secret key. The rationale
for why it would have been obvious to one skilled in the art is that networks such as the one utilized 
by Perlman to practice his invention typically contain several nodes which cannot communicate 
directly with each other, and thus require relay nodes to forward messages. Perlman's invention as
disclosed by him is a system ready for improvement (i.e. needing relay nodes) and the use of the 
known relaying technique as discussed by Gehring does no more than yield the predictable result of 
having nodes in the network which relay bundle 212 from the sender to the DLE/group server
without decrypting the bundle. 

Claims 11 and 27 are rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman et
al (US 6,912,656) as evidenced by/in view of Graunke et al (US 5,991,399) in further view of Chen et
al (US 5,832,208). 
Claims 11 and 27: 

As per claim 11, Perlman discloses the steps of: encrypting the decrypted secret key using a
public key and sending the encrypted information and the encrypted secret key. 

Perlman does not explicitly disclose the public key is associated with a content scanning 
device; the sending is to the content scanning device; receiving a result back from the content 
scanning device, forwarding the encrypted information based on the result sent by the content 
scanning device and based on at least one recipient specific secure secret key for at least one 
intended recipient. 

However, Chen discloses a virus scanner, i.e. content scanning device, being implemented on 
a server (col 5, lines 53-60). Chen discloses that emails sent to the server are scanned for viruses,
an alert is generated if a virus is detected, and if possible, the virus is removed from the email
attachment (col 5, lines 25-27 and col 7, lines 57-60).

Application/Control Number: 10/092,277
Art Unit: 2135

In light of Chen's teachings, it would have been obvious to one of ordinary skill in the art to 
have combined Perlman and Chen's teachings according to the limitations recited in claim 11. One of
ordinary skill would have been motivated to do so as scanning messages for viruses and removing 
the virus from email messages would prevent the spread of viruses to recipients of the email 
messages, which would compromise the recipient's system and any network they are attached to. 

Claim 27 recites a network element which performs the limitations of the method recited in 
claim 11 and is rejected for the same reasons given in claim 11. Note the public key of Perlman
being the "non-group public key" is evidenced by/made obvious by Graunke's teachings as discussed 
above. 

Claims 13 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman et 
al (US 6,912,656) as evidenced by/in view of Graunke et al (US 5,991,399).
Claims 13 and 25: 

As per claim 13, Perlman further discloses encrypting information with the secret key to 
produce the encrypted information (col 5, lines 25-26), encrypting the secret key with the public key of 
the secure distribution server to produce the encrypted secret key (col 5, lines 28-32 and 53-60), and 
during an on line session, sending the encrypted information and the encrypted secret key to the 
secure distribution server (col 5, lines 34-37).

Perlman does not explicitly disclose that the encryption of the information and secret key is done
offline. However, the examiner submits that encrypting information and a secret key offline was well 
known in the art. For example, it is well known that a user can prepare an email message for sending 
on a laptop when the laptop does not have a network connection, i.e. if the user was on a plane for a 
business trip. The message is usually prepared to a state where the only thing needed to be able to 
send the email is a network connection. Later, when the laptop is connected to a network, the 
message can then be sent. It would have been obvious to have the encryption of the message and 
key done offline prior to connecting to a network as the encryption process might take a long time and 
connection charges on the road can be expensive. 

In light of the above, it would have been obvious to one of ordinary skill in the art at the time 
the applicant's invention was made to have modified Perlman's invention according to the limitations 
recited in claim 13. The rationale for why it would have been obvious to one skilled in the art to 
modify Perlman's invention according to the limitations recited in claim 13 is that the application of the 
known technique of encrypting data while offline for later transmission during an online session would 
do no more than yield a predictable result of allowing Perlman's sender to encrypt information and the 
secret key while offline, which would allow Perlman's sender to prepare a message for sending even 
when not online. The public key of Perlman being the "non-group public key" is evidenced by/made 
obvious by Graunke's teachings as discussed above. 

Claim 25 recites a similar limitation as claim 13 and is rejected for similar reasons.

Claim 14 is rejected under 35 U.S.C. 103(a) as being unpatentable over Perlman et al (US
6,912,656) as evidenced by/in view of Graunke et al (US 5,991,399) in further view of Bouchard et al
(US 2002/0091928). 
Claim 14: 

Perlman does not disclose sending the encrypted information to a time stamper and receiving 
a time stamped result prior to forwarding the encrypted information and the at least one recipient 
specific secure secret key to the at least one corresponding intended recipient. 

However, Bouchard discloses time stamping a message by a time stamper prior to forwarding 
the message to a recipient (p3, paragraph 31, lines 11-15 and Fig 2). In light of Bouchard's teachings
it would have been obvious to one of ordinary skill in the art at the time the applicant's invention was 
made to modify Perlman's invention according to the limitations recited in claim 14. One of ordinary skill
would have been motivated to do so as Bouchard discloses that applying a time stamp to a message
allows for an audit log of the message, which is useful in preventing the repudiation of digitally-signed
documents/messages (p3, paragraph 28). 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office 
action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded 
of the extension of time policy as set forth in 37 CFR 1.136(a).

A shortened statutory period for reply to this final action is set to expire THREE MONTHS from 
the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing 
date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH 
shortened statutory period, then the shortened statutory period will expire on the date the advisory 
action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the
mailing date of the advisory action. In no event, however, will the statutory period for reply expire 
later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to PONNOREAY PICH whose telephone number is (571) 272-7962. The
examiner can normally be reached on 9:00am-4:30pm Mon-Thurs. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Kim Vu can be reached on 571-272-3859. The fax phone number for the organization where this 
application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent Application 
Information Retrieval (PAIR) system. Status information for published applications may be obtained 
from either Private PAIR or Public PAIR. Status information for unpublished applications is available 
through Private PAIR only. For more information about the PAIR system, see
http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the
Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a
USPTO Customer Service Representative or access to the automated information system, call
800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/Ponnoreay Pich/ 
Examiner, Art Unit 2135 
/KimYen Vu/ 

Supervisory Patent Examiner, Art Unit 2135 



